W32.Jeefo

W32.Jeefo Overview W32.Jeefo drops a file named svchost.exe in %WinDir%. Note, the legitimate svchost.exe file is located in %SystemDir% and should not be deleted. The virus infects other .exe files, so it is recommended that you run an anti-virus to verify that all files on your system is clean. Please go to the anti-virus recommendation page. You can find both free products or use one of the trials to remove the virus.

Note: %WinDir% is a variable (?). By default, this is C:\Windows (Windows 95/98/Me/XP) or C:\WINNT (Windows NT/2000).
Note: %SystemDir% is a variable (?). By default, this is C:\Windows\System (Windows 95/98/Me), C:\WINNT\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).

Classification Virus Files svchost.exe Log references Log 131 Detection Bazooka Adware and Spyware Scanner detects W32.Jeefo. Bazooka is freeware and detects spyware, adware, foistware, trojan horses, viruses, worms, etc. Read more » Manual removal Please follow the instructions below if you would like to 14414d35o remove W32.Jeefo manually. Please notice that you must follow the instructions very carefully and delete everything that is mentioned. In most cases the removal will fail if one single item is not deleted. If W32.Jeefo remains on your system after stepping through the removal instructions, please double-check by stepping through them again.

Start your computer in safe mode.

Start the registry editor. This is done by clicking Start then Run. (The Run dialog will appear.) Type regedit and click OK. (The registry editor will open.)

Browse to the key:
'HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ RunServices'

In the right pane, delete the value called 'PowerManager', if it exists.

Exit the registry editor.

Start Windows Explorer and delete:
%WinDir%\svchost.exe
Note: %WinDir% is a variable (?). By default, this is C:\Windows (Windows 95/98/Me/XP) or C:\WINNT (Windows NT/2000).

Problems uninstalling? Click here. Please support me Thank you for using my site. Please help me to keep this site and software up-to-date.

Safe Mode - A definition Safe Mode is a trouble-shooting mode in all versions Windows operating system except Windows 3.1 and Windows NT. When the computer is started in safe mode, only the most necessary components of the system are loaded. This means that some functions will not be available, such as connecting to the Internet and using a high resolution on your monitor. When you reboot into normal mode again, all your normal settings will come back. Purpose The purpose of the Safe-Mode is to be able to start the operating system only with a minimal set of components loaded. The good thing about this is that the spyware, adware, virus or malfunctioning component you are trying to remove will in 99% of the cases not be loaded in Safe Mode and therefore much easier to delete of fix. To start in Safe Mode using F8 To start your computer in safe mode, follow these steps.

Close all programs.

Shut down Windows from the Start Button.

Turn off the Power

Turn on the power.

Now comes the tricky thing, during the start-up of your computer you should tap F8, Usually quite early in the start-up process. It is often a successful technique to tap it many times duing the startup. After a while your will be presented with a menu that allow you to start in safe mode, or it will be loaded without any extra interaction.

When Windows has started in safe mode, you will notice this by a low resolution, few colours on the screen and no network capabilities.

Registry Editor - A definition The Registry Editor allows you to edit the registry. The registry editor is a powerful tool, but can cause serious problems if used incorrectly. Before you modify the registry it is recommended that you back up the registry and understand the procedure how to restore it if problems occur.

For more information how to back up the registry, please consult the Microsoft Knowledge Base: Windows 9x, Windows NT, Windows 2000, Windows XP and 2003 server.

Start the registry editor as follows:

Click Start -> Run -> type regedit.exe -> press enter.

Windows Explorer - A definition Windows Explorer is a tool that allows you to browse, view, copy and delete files. Windows Explorer comes with Windows 95/98/ME/NT/2000/XP and you can start it as follows:

Click Start -> (All) Programs -> Accessories -> Windows Explorer, or

Click Start -> Run -> explorer.exe, or

Hold the Windows Button on your keyboard and press 'e'.

Problems uninstalling? Here's some advice. Yes, it can be both tedious and difficult to uninstall the threats manually. And trust me, I know all about it after testing and analysing hundreds of spywares and adwares :) This page will give you some advice that hopefully will help you in the process of deleting the threats that Bazooka detects. Advice 1 - Be careful Be careful. Take your time when going through the manual removal procedure. If you skip one uninstall steps, or if you do not delete all registry keys or files mentioned, in most cases the uninstall procedure will fail and Bazooka will continue to report the threat.
On the other hand, it is also important that you do not delete anything else than the items mentioned in the uninstall instructions. That might damage your system.

Advice 2 - Understand the variables The uninstall instructions often use %variables% to point out the location of the files and folders that should be deleted from your hard drive. For example, in the uninstall instructions you might find something that looks like this:

Start Windows Explorer and delete:
%WinDir%\afolder\spywarefile.exe
Note: %WinDir% is a variable (?). By default, this is C:\Windows (Windows 95/98/Me/XP) or C:\WINNT (Windows NT/2000).

This doesn't mean that there is something named %WinDir% on your hard drive. %WinDir% is a "nickname" for the Windows installation directory, which may be different depending on the operating system you are running (but also other factors). The Windows installation directory is most likely C:\Windows (Windows 95/98/ME/XP) or C:\Winnt (Windows NT/2000).

You can read more about the variables here.

Advice 3 - Show hidden files and the extension Most installations of Windows is by default configured not to show hidden or protected files. The same goes for known file types, such as .exe and .txt, which by default are not shown either. The manual uninstall procedures assumes that you can see all files and their extensions. Symantec offers a guide how to change these settings. Advice 4 - Safe Mode "Error Deleting File or Folder - Cannot delete X: Access is denied. Make sure the disk is not full or write-protected and that the file is not currently in use."

Does this look familiar? In most cases you can delete the file or folder if you reboot into safe mode.

Advice 5 - The search functions Both Windows Explorer and the Registry Editor have a search function that come in handy when you want to find a file on the hard drive or something in the registry.
To search for a value in the registry editor: Start the editor, select the root in the left pane, click Edit and choose Find.
To search for a file or folder in Windows Explorer: Start Windows Explorer, right-click My Computer and choose Search.

Advice 6 - The Bazooka log If you are sure you have removed all items that are mentioned in the uninstall instructions, but that darn Bazooka scanner still report the threat, you can look in the Bazooka log to find out why Bazooka still nags about it. The log is actually not meant for the end-user and it is hard to interpret, but I think that it after all might offer some help.

To look in the log, click the "Generate Log" button in the Bazooka dialog, save it on disk, open the log in a text editor, scroll down to "Result when scanning". The information there might offer some help.